With progress of smart devices, social networks, cloud computing, and the like, dependence on information system is more and more increasing in business and everyday life. When users use an information system, each user generally registers a password in advance and inputs a password that matches the registered password, thereby authentication succeeds and a user concerned can use the information system. If the password matches even though the person who input the password is not the person who originally registered the password, authentication still succeeds and the person who input the matched password is allowed to access the information system. For this reason, strict management of the passwords is required, but most of the passwords registered by users are not constituted of completely random character strings but constituted of character strings which are easy for the users to memorize in actuality.
For example, in the case of passwords derived from words written in dictionaries, dictionary-based sequence passwords, or passwords which can be speculated from personal information such as user's date of birth, the passwords themselves mean something, which makes it easy for users to memorize. Users can also easily memorize, for example, passwords constituted of character strings which do not mean anything themselves but short in their length, passwords generated by using characteristics of physical key arrangement of a keyboard selected for inputting passwords, or keyboard-based sequences passwords. FIGS. 16(a) and 16(b) each describe one example of a password generated by using the characteristics of physical key arrangement. FIG. 16(a) illustrates an example of using shaded keys “1”, “q”, “a”, “z”, “x”, “s”, “w”, and “2” out of the keys in the keyboard used for inputting a password. For example, a password “zaq12wsx” is generated by unicursal clockwise input of the keys. It can be said that this password is generated by using the characteristics of physical key arrangement. FIG. 16(b) illustrates an example of using shaded keys “1”, “2”, “3”, “4”, “a”, “s”, “d”, and “f” out of keys of the keyboard. For example, a password “asdf1234” generated by using these keys is input by typing the keys successively in a cross direction. It can be said that this password is generated by using the characteristics of physical key arrangement. There is known a technique to determine whether or not a password is generated by using such physical key arrangement. In this technique, for example, passwords generated by using the physical key arrangement are registered in advance, and when a password is input, it is determined whether or not the input password matches any one of the registered passwords.